Welcome back to your free Active Directory
training course. In this video l will look at some of the new features in Windows Server
2008, Windows Server 2008 R2 and Service Pack 1 for Windows Server 2008 R2.
In this training series and other free training series from us you will notice that we commonly
refer to Windows Server 2008 even when the course is designed around windows Server 2008
R2. The reason for this is that if the feature exists in both operating systems we will simply
state Windows Server 2008. If the feature only exists in R2 or with service pack 1
we will mention this. All the demonstrations for this course are
done in Windows Server 2008 R2. If you are working with Windows Server 2008 the interface
is very simpler if not the same so you should be able to follow along.
The first major feature of Windows Server 2008 over its predecessor is that Windows
Server 2008 is very modular. This is done through the use of roles and features. Both
are added through the Server Manager. All though at times there is an overlap between
roles and features think of a role as a major feature or change added to the operating system.
A feature on the other hand is like a smaller add-on package added to the operating system.
Some of these roles and features in Windows Server 2008 were available in Windows Server
2003 as downloads from Microsoft. In windows Server 2008 these have been integrated into
windows Server 2008 and you no longer need to download them. The modular nature of Windows
Server 2008 makes it very easy to customize your Server and changed it when your needs
change. Let’s start by looking at some of the new features in Windows Server 2008 following
by R2 and finishing with the features that are in service pack 1.
Firstly I will look at the Active Directory features added with Windows Server 2008. Windows
Server 2008 comes with Active Directory certificate services formally certificate services in
Windows Server 2003. Certificates give you excellent security. With Windows Server 2008
certificates are more tidily bound with Active Directory making it a lot easier to deploy
certificates in your organization. Next Windows Server 2008 comes with Active
Directory Application Mode or Adam. This was previously an add-on in Windows Server 2003.
With Windows Server 2008 it is included. Adam is a non-operating systems service unlike
Active Directory. Adam provides an application frame work for applications to access data
in the Active Directory database. The next feature of Windows Server 2008 is
Active Directory federation services. Federation services allow users in different organizations
to easily share resources with each other. This is designed for circumstances where the
users are not part of your company and may be a partner or supplier. Federation Services
provides the infrastructure for the two organizations to access to each other resources. All this
is done without the need for both organizations to share Active Directory Infrastructure.
When done correctly the supplier or 3rd party organization should be able to access resources
on both networks with a single sign on. The next feature of Windows Server 2008 is
that it comes with Active Directory rights management. Rights management is software
designed to protect your Intellectual property. For example you could protect an office document
from being copied or even printed. Next Windows Server 2008 supports read only
domain controllers. A domain controller is responsible of authenticating users and allowing
them access to the network. A read only domain controller is used in places where physical
security of the domain controller may be a concern. A read only domain controller can’t
make changes and if stolen can easily be removed from the network without any lost of security.
The next feature of Windows Server 2008 is Active Directory is now restartable. If you
have a problem with Active Directory you can stop and restart it like any other service.
Previously you could only do this by rebooting the server.
Active Directory now supports granular password polices. Previously if you want to have a
different password policy, for example you want to enforce longer passwords for certain
users, the only way this could be done was to have separate domains. Now with Active
Directory granular passwords you can create a completely different set of password policies
for different users. With granular password policies you no longer have to create separate
domains in order to have separate password polices.
Active Directory now also supports snap shots for the database itself. A snapshot allows
you to take a record of what the database looks like at a particular point in time.
Once the snap shot is taken you can restore the database back to what it looked like when
the snap shot was taken. Snap shots make recovery of the Active Directory database a lot easier.
That’s it for Active Directory features in Windows Server 2008, let’s look at some
of the non-Active Directory related features that Windows Server 2008 has.
Windows Server 2008 now has self-healing NTFS file system. If Windows detects a problem
with a file on the hard disk a NTFS worker thread is started to correct the problem.
In the old days you sometimes had to reboot your server and run a low level check disk
when the server started up. Hopefully with a self-healing NTFS rebooting the server
to perform a disk check is a thing of the past.
If you are using terminal services you may have suffered delays for creating new sessions
on busy servers. This is because terminal services could only create one session at
a time. If a session was in the process of being created, the next session had to wait
until that session was created. Windows Server 2008 can now start four sessions at once in
parallel reducing the wait time users have to wait to access busy Terminal Servers.
Windows Server 2008 now supports clean server shut down. Previously what would happen is
that all the processes on the system would be given a signal that the server is shutting
down. All processes on the system would then have 20 seconds to shut down. An application
that has a lot of data to write to the hard disk or a printer with a big job currently
printing 20 seconds is not enough time. With Windows Server 2008 the processes on
the server are now given as much time as they need to stop cleanly as long as they are still
responsive. If Windows Server 2008 thinks the process has crashed or hung it will reboot
the server regardless. This ensures your services get time to shut down correctly and a stuck
process does not cause the system not to reboot. The next feature is Server Core. Server Core
is a version of Window Server 2008 without the graphical interface. Not having the graphical
interface means that the server has less software and drivers. This reduces the amount of memory
required to run the server and also reduces the attack surface. The attack surface is
defined as the number of ports, services and software that an attacker could use to compromise
a system. More software running is more software that needs to be patched and has the potential
to have a security issues that a hacker may be able to exploit.
Windows Server 2008 comes with a new role called Hyper-V. Originally Hyper-V was not
included with Windows Server 2008 when it was first released as it was not finished
in time. It was later made available as a download and through windows update. Hyper-V
provides a native virtualization solution to run your virtual machines.
The next feature with Windows Server 2008 is Power Shell. This is available as a download
for Windows Server 2003 but is included in Windows Server 2008. Power shell is a command
line interface designed to replace the old MS dos style command line prompt. Power shell
is a lot more powerful than the command line and has better support for interfaces like
dot net. There are more new features in Windows Server
2008 but this covers the major ones. The next features that I want to look as the new features
that are in Windows Server 2008 R2. The first feature is BranchCache. BranchCache
allows files to be cached on a local network rather than coping them over the wide
area network again. BranchCache only works with Windows 7 clients.
The next feature is DirectAccess. Once again this feature only works when combined with
Windows 7 clients. DirectAccess allows users to connect to the corporate network without
having to create a VPN connection. A Direct Access connection back to the office will
be made automatically when the computer is connected to an internet connection.
Windows Server 2008 R2 adds supports for the Active Directory recycle bin. The Active
Directory recycle bin allows you to recover Active Directory objects after they have been
deleted. For example, if you deleted a user account you could recover the user account
and any security attached to this account. Previously in order to recover deleted objects
you would have needed to reboot the server into safe mode and restore the Active Directory
objects. The next feature you have is starter group
polices. Group policy allows you to deploy settings to computers in your enterprise.
Starter group policy allows you to create a template group policy. If you are deploying
a lot of simpler group polices a starter group policy will save you a lot of time.
There are quite a lot of changes in Windows Server 2008 but this covers the major ones.
Next there are the features that service pack 1 adds to Window Server 2008 R2.
Service pack 1 contains many improvements and fixes based on customer feedback. There
are over 600 updates and fixes. A lot of these are available through windows updates but
installing one service pack is generally a lot easier. As well as these updates there
are two major features added with Service pack 1.
First there is Dynamic memory a new feature for Hyper-V. Dynamic memory allows you to
set a minimum and maximum memory range for your virtual machines. Hyper-V will then change
this value based on the demand on the system. For example, if one computer needs more RAM
then more RAM will be allocated to that virtual machine and less to the other.
The essential idea behind dynamic memory is that all the virtual machines on the system
will not need the entire RAM in the computer at once. In some cases, one virtual machine
may be put under a lot of loading and needs additional RAM but any other time it needs
very little. When this occurs, RAM from a pool is allocated to this virtual machine.
When done correctly this allows more virtual machines on the one server without scarifying
the performance of the other virtual machines. Before I starting talk about the next feature,
one thing I want to point out that in Windows Server 2008 R2 terminal services changed
its name to remote desktop. Essentially terminal services and remote desktop are the same thing
just consider remote desktop as a newer version of terminal services.
The next new feature is remote FX. Remote FX allows graphical intense effects like
Aero, Windows graphics interface, to use 3d Hardware on the server rather than on the
client. This means that if you connect to a Terminal Server using old hardware, the
Terminal Server would perform all the 3d rendering on the server and sent the result to the client.
This means that your old hardware that is being used for remote clients that don’t
support 3D can start displaying 3D. This does mean that the 3D load is being moved
from the client to the server, however if you server can handle the load it means that
you won’t have to upgrade the hardware on your clients.
That’s it for all the new features in Windows Server 2008, R2 and services pack 1. Not
a complete list but covers all the major changes. In the next video I will look more in some
of the protocols that make Active Directory work. For more free videos in this series
and others, please have a look at our web page or you tube channel. Thanks for watching.